21 matches found
Google Chrome AI extensions deliver info-stealing malware in broad attack
Small businesses and boutique organizations should use caution when leaning on browser-friendly artificial intelligence (AI) tools to generate ideas, content, and marketing copy, as a set of Google Chrome extensions were recently compromised to deliver info-stealing malware disguised as legitimate...
Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data
A malicious Python package on the Python Package Index (PyPI) repository has been found to use Unicode as a trick to evade detection and deploy an info-stealing malware. The package in question, named onyxproxy, was uploaded to PyPI on March 15, 2023, and comes with capabilities to harvest and...
MAL-2023-3017 Malicious code in esqintstringcraft (PyPI)
Source: checkmarx 2537920b8966f9205f5f37e04e5165e06a48e852fe593c32afa766aa4e18e3d3 EsqueleSquad group published nearly 6000 malicious PyPI and NPM packages, executing spyware and information-stealing malware...
MAL-2023-3423 Malicious code in esqstringpingcraft (PyPI)
Source: checkmarx 81cca61a0baab7dba03f486c699fb68b3262202073e99ed34927a17e094d1677 EsqueleSquad group published nearly 6000 malicious PyPI and NPM packages, executing spyware and information-stealing malware...
MAL-2023-4607 Malicious code in libverhackedhacked (PyPI)
Source: checkmarx fff3c918183b7b83234be4059b10a657ad7ccf188a4354f328e49eb9f120d34c EsqueleSquad group published nearly 6000 malicious PyPI and NPM packages, executing spyware and information-stealing malware...
MAL-2023-5345 Malicious code in py-mcvirtualpy (PyPI)
Source: checkmarx 0133f54f8ec198fa05303b50f9b10848eec40375d0afd8175d225cac6263189d EsqueleSquad group published nearly 6000 malicious PyPI and NPM packages, executing spyware and information-stealing malware...
MAL-2023-6915 Malicious code in tpadtool (PyPI)
Source: checkmarx 78002dff0e2571a80934efd57131e8efe02112ee103a17f9b045db2ad481a76e EsqueleSquad group published nearly 6000 malicious PyPI and NPM packages, executing spyware and information-stealing malware...
MAL-2023-7684 Malicious code in tpurlintel (PyPI)
Source: checkmarx cf62f533b6abff4a1d8d119fba1d218eba288e2c0c907b3635a2698a32cde3f5 EsqueleSquad group published nearly 6000 malicious PyPI and NPM packages, executing spyware and information-stealing malware...
MAL-2023-2622 Malicious code in cpure (PyPI)
Source: checkmarx e75f0d2a786cf20271fc42f2113836fca61a31a19520049bb910726e6d933671 EsqueleSquad group published nearly 6000 malicious PyPI and NPM packages, executing spyware and information-stealing malware...
Hackers Advertising New Info-Stealing Malware on Dark Web
By Deeba Ahmed. Dubbed "Stealc" by researchers, the malware is also being promoted on several Russian-language hacker and cybercrime forums on the clear net, in addition to the dark web. This is a post from HackRead.com.
PrivateLoader PPI Service Found Distributing Info-Stealing RisePro Malware
The pay-per-install (PPI) malware downloader service known as PrivateLoader is being used to distribute a previously documented information-stealing malware dubbed RisePro. Flashpoint spotted the newly identified stealer on December 13, 2022, after it discovered "several sets of logs" exfiltrated...
Ukraine's DELTA Military System Users Under Attack from Info Stealing Malware
The Computer Emergency Response Team of Ukraine (CERT-UA) this week disclosed that users of the Delta situational awareness program received phishing emails from a compromised email account belonging to the Ministry of Defense. The attacks, which have been attributed to a threat cluster dubbed...
2K Games Help Desk Platform Hacked to Spread Info-stealing Malware
By Deeba Ahmed. Famous publisher 2K Games' helpdesk platform was hacked where the attackers attempted to distribute malware to gamers' devices.… This is a post from HackRead.com.
Russian Gamaredon Hackers Target Ukrainian Government Using Info-Stealing Malware
An ongoing espionage campaign operated by the Russia-linked Gamaredon group is targeting employees of Ukrainian government, defense, and law enforcement agencies with a piece of custom-made information stealing malware. "The adversary is using phishing documents containing lures related to the...
Snake Keylogger Spreads Through Malicious PDFs
While most malicious e-mail campaigns use Word documents to hide and spread malware, a recently discovered campaign uses a malicious PDF file and a 22-year-old Office bug to propagate the Snake Keylogger malware, researchers have found. The campaign—discovered by researchers at HP Wolf...
Attackers Spoof WhatsApp Voice-Message Alerts to Steal Info
Attackers are spoofing voice message notifications from WhatsApp in a malicious phishing campaign that uses a legitimate domain to spread an info-stealing malware, researchers have found. Researchers at cloud email security firm Armorblox discovered the malicious campaign targeting Office 365 and...
BlackGuard Password Stealing Malware Being Sold on Russian Hacking Forums
By Deeba Ahmed. Zscaler ThreatLabz researchers have discovered sophisticated new info-stealing malware available as malware-as-a-service on Russian hacking forums. In… This is a post from HackRead.com.
Dark Web Azorult Generator Offers Free Binaries to Cybercrooks
A malicious build-it-yourself platform for the Azorult info-stealing malware has debuted on the Dark Web. The online builder, which its authors have named Gazorp, allows cybercriminals to generate their very own strains of Azorult, along with the apparatus to control it. And, it’s free. “Threat...
Hawkeye Keylogger – Reborn v8: An in-depth campaign analysis
Much of cybercrime today is fueled by underground markets where malware and cybercriminal services are available for purchase. These markets in the deep web commoditize malware operations. Even novice cybercriminals can buy malware toolkits and other services they might need for malware campaigns...
Microsoft teams up with law enforcement and other partners to disrupt Gamarue (Andromeda)
Today, with help from Microsoft security researchers, law enforcement agencies around the globe, in cooperation with Microsoft Digital Crimes Unit (DCU), announced the disruption of Gamarue, a widely distributed malware that has been used in networks of infected computers collectively called the...